{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-09-09T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "68062", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/68062"}, {"tags": ["x_refsource_MISC"], "url": "http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html"}, {"name": "43266", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/43266"}, {"name": "41377", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/41377"}, {"name": "realestateportal-index-file-include(61867)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61867"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3606", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "68062", "refsource": "OSVDB", "url": "http://osvdb.org/68062"}, {"name": "http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html", "refsource": "MISC", "url": "http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html"}, {"name": "43266", "refsource": "BID", "url": "http://www.securityfocus.com/bid/43266"}, {"name": "41377", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/41377"}, {"name": "realestateportal-index-file-include(61867)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61867"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:18:52.017Z"}, "title": "CVE Program Container", "references": [{"name": "68062", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/68062"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html"}, {"name": "43266", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/43266"}, {"name": "41377", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/41377"}, {"name": "realestateportal-index-file-include(61867)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61867"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-3606", "datePublished": "2010-09-24T19:44:00", "dateReserved": "2010-09-24T00:00:00", "dateUpdated": "2024-08-07T03:18:52.017Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netartmedia:real_estate_portal:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D806699-AFB4-46C8-B77D-04267FBDE4D0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters."}, {"lang": "es", "value": "Multiples vulnerabilidades de salto de directorio en AGENTS/index.php de NetArt MEDIA Real Estate Portal v2.0 permiten a atacantes remotos incluir y ejecutar ficheros locales de su elecci\u00f3n a trav\u00e9s de secuencias de salto de directorio en los par\u00e1metros (1) \"folder\" (carpeta) y (2) \"action\" (acci\u00f3n)."}], "id": "CVE-2010-3606", "lastModified": "2017-08-17T01:33:00.617", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-09-24T21:00:33.857", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/68062"}, {"source": "cve@mitre.org", "url": "http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/41377"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/43266"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61867"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}